9 matches found
CVE-2024-4693
A flaw was found in the QEMU Virtio PCI Bindings hw/virtio/virtio-pci.c. An improper release and use of the irqfd for vector 0 during the boot process leads to a guest triggerable crash via vhostnetstop. This flaw allows a malicious guest to crash the QEMU process on the host...
CVE-2024-4693 Qemu-kvm: virtio-pci: improper release of configure vector leads to guest triggerable crash
A flaw was found in the QEMU Virtio PCI Bindings hw/virtio/virtio-pci.c. An improper release and use of the irqfd for vector 0 during the boot process leads to a guest triggerable crash via vhostnetstop. This flaw allows a malicious guest to crash the QEMU process on the host...
CVE-2024-4693 Qemu-kvm: virtio-pci: improper release of configure vector leads to guest triggerable crash
A flaw was found in the QEMU Virtio PCI Bindings hw/virtio/virtio-pci.c. An improper release and use of the irqfd for vector 0 during the boot process leads to a guest triggerable crash via vhostnetstop. This flaw allows a malicious guest to crash the QEMU process on the host...
CVE-2024-4693
CVE-2024-4693 affects QEMU’s Virtio PCI Bindings (hw/virtio/virtio-pci.c). The issue is an improper release/use of irqfd for vector 0 during boot, leading to a guest-triggered crash of the host QEMU process via vhost_net_stop(). Exploitation would require a guest to trigger the path locally; CVSS...
CVE-2024-4693
A flaw was found in the QEMU Virtio PCI Bindings hw/virtio/virtio-pci.c. An improper release and use of the irqfd for vector 0 during the boot process leads to a guest triggerable crash via vhostnetstop. This flaw allows a malicious guest to crash the QEMU process on the host...
SUSE-SU-2021:1244-1 Security update for qemu
This update for qemu fixes the following issues: - Fix OOB access in sm501 device emulation CVE-2020-12829, bsc1172385 - Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation CVE-2020-13362 bsc1172383 - Fix use-after-free in usb xhci packet handling CVE-2020-25723, bsc1178934 - Fix...
FreeBSD : xen-tools -- Guest triggerable qemu MSI-X pass-through error messages (cbe1a0f9-27e9-11e5-a4a5-002590263bf5)
The Xen Project reports : Device model code dealing with guest PCI MSI-X interrupt management activities logs messages on certain supposedly invalid guest operations. A buggy or malicious guest repeatedly invoking such operations may result in the host disk to fill up, possibly leading to a Denia...
Security update for xen (important)
Xen was updated to fix eight vulnerabilities. The following vulnerabilities were fixed: CVE-2015-2751: Certain domctl operations may be abused to lock up the host XSA-127 boo922709 CVE-2015-4103: Potential unintended writes to host MSI message data field via qemu XSA-128 boo931625 CVE-2015-4104:...
Fedora 21 : xen-4.4.2-5.fc21 (2015-9466)
Potential unintended writes to host MSI message data field via qemu XSA-128, CVE-2015-4103, PCI MSI mask bits inadvertently exposed to guests XSA-129, CVE-2015-4104, Guest triggerable qemu MSI-X pass-through error messages XSA-130, CVE-2015-4105, Unmediated PCI register access in qemu XSA-131,...